Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Most Secure Cloud Storage Provider

Published byLiliana Cunningham Modified over 6 years ago

Similar presentations

Presentation on theme: "The Most Secure Cloud Storage Provider"— Presentation transcript:

1 The Most Secure Cloud Storage Provider
Anton Titov CTO CyberCon, June 2018, Sofia

2 Client-side encryption Zero-knowledge privacy Multi-layer protection
Absolute Security with pCloud Crypto Client-side encryption Only the user has access to the encrypted content Zero-knowledge privacy pCloud does not know what is saved in Crypto Folders Multi-layer protection Additional protection layers & keys pCloud Crypto Hacking Challenge with $100,000 award. For 6 months 2,800+ hackers - Berkeley, Boston, MIT and 523 other organizations None of them succeeded.

3 Mission Client-side encrypted cloud storage
Accessible from multiple software clients / platforms All user needs to access encrypted data are account credentials and encryption passphrase Efficient read/write random access

4 Everybody do encryption, don't they?
Encryption of in-transit data Encryption of stored data with provider's keys Client-side encryption

5 Still, it should not be that hard, right?
What is actually encryption? What is authentication? Encryption and authentication of data connection - fairly trivial. Block device (hard drive) encryption - fairly trivial. Authentication may degrade performance, but you can live without it. Encryption of randomly accessible data - fairly trivial, authentication is however tricky.

6 How to authenticate a file as a whole?
Split file into blocks of some size, say 4Kb Use a Merkle tree to authenticate the file Since we are working with disk storage, don't use a binary Merkle tree, but say 256-way one Files with reasonable size will have a tree-depth of 2-4 levels Wouldn't it be great to also have a Merkle tree of directory structure?

7 Technological overview
Each user has 4096 bit RSA key, private encrypted with AES256 key derived from passphrase with PBKDF2, public and encrypted private parts stored in the cloud Each folder and each file has its own AES256 and HMAC-SHA512 key, encrypted with RSA and stored in the cloud Folder keys used to encrypt file names and sign keys of in-folder contents File keys encrypt and authenticate the file data

8 So the private key is actually stored in the cloud?
Yes, but it is in turn encrypted There are alternatives but those are slow and messy

9 Future work: Share-Able encryption
24/7 Access to files We don't really need RSA in the picture now Big challenge: trust, MITM Just encrypt every folder/file key with public keys of all users that have access Linear scaling by number of users is not ideal, but public RSA operations are ~100 faster than private ones anyway Collaboration

10 Anton Titov, CTO anton@pCloud.com
Thank You Questions? Anton Titov, CTO

Download ppt "The Most Secure Cloud Storage Provider"

Similar presentations

Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.

Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.
Lecture 5: Email security: PGP Anish Arora CIS694K Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
Mobile Data Sharing over Cloud Group No. 8 - Akshay Kantak - Swapnil Chavan - Harish Singh.

Mobile Data Sharing over Cloud Group No. 8 - Akshay Kantak - Swapnil Chavan - Harish Singh.
Secure storage for your data in the Internet! If you have any question, you can contact us on: om.

Secure storage for your data in the Internet! If you have any question, you can contact us on: om.
Secure File Storage Nathanael Paul CRyptography Applications Bistro March 25, 2004.

Secure File Storage Nathanael Paul CRyptography Applications Bistro March 25, 2004.
Lecture 9: Email Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 9: Security via PGP CS 436/636/736 Spring 2012 Nitesh Saxena.
Privacy in a Public World ISACA North Alabama Chapter March 11, 2008.

Privacy in a Public World ISACA North Alabama Chapter March 11, 2008.
.Net Security and Performance -has security slowed down the application By Krishnan Ganesh Madras.

.Net Security and Performance -has security slowed down the application By Krishnan Ganesh Madras.
Electronic Mail Security

Electronic Mail Security
Computing Hardware Starter.

Computing Hardware Starter.
Email Security.  email is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.

Security.  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
Authentication Key HMAC(MK, “auth”) Server Encryption Key HMAC(MK, “server_enc”) User Password Master Key (MK) Client Encryption Key HMAC(MK, “client_enc”)

Authentication Key HMAC(MK, “auth”) Server Encryption Key HMAC(MK, “server_enc”) User Password Master Key (MK) Client Encryption Key HMAC(MK, “client_enc”)
Chapter 6 Electronic Mail Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.

Chapter 6 Electronic Mail Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
Chapter 15: Electronic Mail Security

Chapter 15: Electronic Mail Security
Cosc 4765 Trusted Platform Module. What is TPM The TPM hardware along with its supporting software and firmware provides the platform root of trust. –It.

Cosc 4765 Trusted Platform Module. What is TPM The TPM hardware along with its supporting software and firmware provides the platform root of trust. –It.
Instructional Technology & Design Office 217-244-4903 or 800-377-1892 Box at U of I: Cloud Services Presented by Kate Rojas.

Instructional Technology & Design Office or Box at U of I: Cloud Services Presented by Kate Rojas.
Pretty Good Privacy (PGP) Security for Electronic Email.

Pretty Good Privacy (PGP) Security for Electronic .
Email Security PGP IT352 | Network Security |Najwa AlGhamdi 1.

Security PGP IT352 | Network Security |Najwa AlGhamdi 1.
INTERNET SAFETY FOR KIDS

INTERNET SAFETY FOR KIDS
Trusted Computing and the Trusted Platform Module Bruce Maggs (with some slides from Bryan Parno)

Trusted Computing and the Trusted Platform Module Bruce Maggs (with some slides from Bryan Parno)

Similar presentations

Ads by Google